package com.dongdong.shiro;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.dongdong.shiro.LoginUserRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @Deacription TODO
 * @Author Lenovo
 * @Date 2020/12/7 11:24
 * @Version 1.0
 **/
@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Autowired DefaultWebSecurityManager getDefaultWebSecurityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(getDefaultWebSecurityManager);

        //配置shiro内置过滤器
        //配置我们哪些路径需要登录,哪些路径不需要登录等等
        /* *
         anon:不需要认证(登录)就可以访问
         authc:必须认证(登录)才能访问
         perms:权限,必须拥有这个权限才能访问
         role:必须拥有这个角色才能访问
         logout:退出登录
        */
        Map<String,String> fileMap = new LinkedHashMap<>();
        fileMap.put("/img/**","anon");
        fileMap.put("/css/**","anon");
        fileMap.put("/js/**","anon");
        fileMap.put("/plugins/**","anon");

        fileMap.put("/login","anon");

        fileMap.put("/auth/logout","logout");
        fileMap.put("/**","authc");

        //自定义的登录页
        shiroFilterFactoryBean.setLoginUrl("/toLogin");
        //设置无权页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/unauthorized");

        //将过滤器放入过滤链中
        shiroFilterFactoryBean.setFilterChainDefinitionMap(fileMap);
        return shiroFilterFactoryBean;
    }

    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Autowired LoginUserRealm getRealm){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //关联我们自定义的realm类
        defaultWebSecurityManager.setRealm(getRealm);
        return defaultWebSecurityManager;
    }

    @Bean
    public LoginUserRealm getLoginUserRealm(@Autowired HashedCredentialsMatcher HashedCredentialsMatcher){
        LoginUserRealm loginUserRealm = new LoginUserRealm();
        //给realm对象设置加密方式
        loginUserRealm.setCredentialsMatcher(HashedCredentialsMatcher);
        return new LoginUserRealm();
    }

    //加密配置
    @Bean
    public HashedCredentialsMatcher HashedCredentialsMatcher(){
        //创建哈希加密对象
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        //哈希加密算法有很多种:MD4 MD5 SHA-1 SHA-2
        matcher.setHashAlgorithmName("MD5");
        //盐值加密
        //定义撒盐次数
        matcher.setHashIterations(3);
        matcher.setStoredCredentialsHexEncoded(true);//设置加密的编码
        return matcher;
    }

    //shiro整合thymeleaf 模板引擎
    @Bean
    public ShiroDialect ShiroDialect(){
        return new ShiroDialect();
    }
}

